Lucene search

[email protected]CVE-2010-1509

HistoryMay 14, 2010 - 7:30 p.m.

CVE-2010-1509

2010-05-1419:30:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-1509

irfanview

psd

image processing

denial of service

buffer overflow

sign-extension error

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.3 High

AI Score

Confidence

High

0.131 Low

EPSS

Percentile

95.5%

JSON

IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a “sign-extension error.”

Affected configurations

NVD

Node

irfanviewirfanviewRange≤4.25

irfanviewirfanviewMatch1.70

irfanviewirfanviewMatch1.75

irfanviewirfanviewMatch1.80

irfanviewirfanviewMatch1.85

irfanviewirfanviewMatch1.90

irfanviewirfanviewMatch1.95

irfanviewirfanviewMatch1.97

irfanviewirfanviewMatch1.98

irfanviewirfanviewMatch1.98a

irfanviewirfanviewMatch1.99

irfanviewirfanviewMatch2.00

irfanviewirfanviewMatch2.05

irfanviewirfanviewMatch2.07

irfanviewirfanviewMatch2.10

irfanviewirfanviewMatch2.12

irfanviewirfanviewMatch2.15

irfanviewirfanviewMatch2.17

irfanviewirfanviewMatch2.18

irfanviewirfanviewMatch2.20

irfanviewirfanviewMatch2.22

irfanviewirfanviewMatch2.25

irfanviewirfanviewMatch2.27

irfanviewirfanviewMatch2.30

irfanviewirfanviewMatch2.32

irfanviewirfanviewMatch2.35

irfanviewirfanviewMatch2.37

irfanviewirfanviewMatch2.40

irfanviewirfanviewMatch2.50

irfanviewirfanviewMatch2.52

irfanviewirfanviewMatch2.55

irfanviewirfanviewMatch2.60

irfanviewirfanviewMatch2.62

irfanviewirfanviewMatch2.63

irfanviewirfanviewMatch2.65

irfanviewirfanviewMatch2.66

irfanviewirfanviewMatch2.68

irfanviewirfanviewMatch2.80

irfanviewirfanviewMatch2.82

irfanviewirfanviewMatch2.83

irfanviewirfanviewMatch2.85

irfanviewirfanviewMatch2.90

irfanviewirfanviewMatch2.92

irfanviewirfanviewMatch2.95

irfanviewirfanviewMatch2.97

irfanviewirfanviewMatch2.98

irfanviewirfanviewMatch3.00

irfanviewirfanviewMatch3.02

irfanviewirfanviewMatch3.05

irfanviewirfanviewMatch3.07

irfanviewirfanviewMatch3.10

irfanviewirfanviewMatch3.12

irfanviewirfanviewMatch3.15

irfanviewirfanviewMatch3.17

irfanviewirfanviewMatch3.20

irfanviewirfanviewMatch3.21

irfanviewirfanviewMatch3.25

irfanviewirfanviewMatch3.30

irfanviewirfanviewMatch3.33

irfanviewirfanviewMatch3.35

irfanviewirfanviewMatch3.36

irfanviewirfanviewMatch3.50

irfanviewirfanviewMatch3.51

irfanviewirfanviewMatch3.60

irfanviewirfanviewMatch3.61

irfanviewirfanviewMatch3.70

irfanviewirfanviewMatch3.75

irfanviewirfanviewMatch3.80

irfanviewirfanviewMatch3.85

irfanviewirfanviewMatch3.90

irfanviewirfanviewMatch3.91

irfanviewirfanviewMatch3.92

irfanviewirfanviewMatch3.95

irfanviewirfanviewMatch3.97

irfanviewirfanviewMatch3.98

irfanviewirfanviewMatch3.99

irfanviewirfanviewMatch4.00

irfanviewirfanviewMatch4.10

irfanviewirfanviewMatch4.20

irfanviewirfanviewMatch4.22

irfanviewirfanviewMatch4.23

CPENameOperatorVersion
irfanview:irfanviewirfanviewle4.25
irfanview:irfanviewirfanvieweq1.70
irfanview:irfanviewirfanvieweq1.75
irfanview:irfanviewirfanvieweq1.80
irfanview:irfanviewirfanvieweq1.85
irfanview:irfanviewirfanvieweq1.90
irfanview:irfanviewirfanvieweq1.95
irfanview:irfanviewirfanvieweq1.97
irfanview:irfanviewirfanvieweq1.98
irfanview:irfanviewirfanvieweq1.98a

CPE	Name	Operator	Version
irfanview:irfanview	irfanview	le	4.25
irfanview:irfanview	irfanview	eq	1.70
irfanview:irfanview	irfanview	eq	1.75
irfanview:irfanview	irfanview	eq	1.80
irfanview:irfanview	irfanview	eq	1.85
irfanview:irfanview	irfanview	eq	1.90
irfanview:irfanview	irfanview	eq	1.95
irfanview:irfanview	irfanview	eq	1.97
irfanview:irfanview	irfanview	eq	1.98
irfanview:irfanview	irfanview	eq	1.98a

Rows per page:

1-10 of 811

References

irfanview.com/main_history.htm

osvdb.org/64627

secunia.com/advisories/39036

secunia.com/secunia_research/2010-41

www.securityfocus.com/archive/1/511274/100/0/threaded

www.securityfocus.com/bid/40104

exchange.xforce.ibmcloud.com/vulnerabilities/58548

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6705

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.3 High

AI Score

Confidence

High

0.131 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2010-1509

prion1 securityvulns2 cvelist1 nvd1 openvas2